<?php if (!defined('SYSTEM_ROOT')) { die('Insufficient Permissions'); }

if(isset($_GET['msg'])){
    echo '<script>alert(\''.htmlspecialchars($_REQUEST['msg']).'\');</script>';
}

if(isset($_GET['save'])){
    $npw = isset($_POST['npw']) ? addslashes(strip_tags($_POST['npw'])) : 0;
    $email = isset($_POST['email']) ? addslashes(strip_tags($_POST['email'])) : 0;
    if(empty($npw)){
        if(!empty($email)){
            global $m;
            $m->query("UPDATE `".DB_NAME."`.`".DB_PREFIX."users` SET `email` = '{$email}' WHERE `id` = ".UID);
            Redirect('index.php?mod=set&msg='.urlencode('修改邮箱成功！'));
        } else {
            Redirect('index.php?mod=set&msg='.urlencode('没有需要保存的项目！'));
        }
    } else {
        if(!empty($email)){
            global $m;
            $npw = EncodePwd($npw);
            $m->query("UPDATE `".DB_NAME."`.`".DB_PREFIX."users` SET `email` = '{$email}' WHERE `id` = ".UID);
            $m->query("UPDATE `".DB_NAME."`.`".DB_PREFIX."users` SET `pw` = '{$npw}' WHERE `id` = ".UID);
            setcookie("username",'', time() - 3600);
            setcookie("password",'', time() - 3600);
            Redirect('index.php?mod=login&msg='.urlencode('邮箱和密码修改成功！'));
        } else {
            global $m;
            $m->query("UPDATE `".DB_NAME."`.`".DB_PREFIX."users` SET `pw` = '{$npw}' WHERE `id` = ".UID);
            setcookie("username",'', time() - 3600);
            setcookie("password",'', time() - 3600);
            Redirect('index.php?mod=login&msg='.urlencode('密码修改成功！'));

        }
    }
}

class set{
    static function getEmail(){
        return UEMAIL;
    }

    static function getUsername(){
        return UNAME;
    }

    static function getName(){
        return FULLNAME;
    }
}